You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/04/09 16:56:03 UTC
DO NOT REPLY [Bug 7874] New: -
mod_proxy not passing through all Set-Cookie fields
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7874>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7874
mod_proxy not passing through all Set-Cookie fields
Summary: mod_proxy not passing through all Set-Cookie fields
Product: Apache httpd-1.3
Version: 1.3.24
Platform: Sun
OS/Version: Solaris
Status: NEW
Severity: Normal
Priority: Other
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: ITS@uk.radan.com
I updated our proxy server from 1.3.19 to 1.3.23, and some of our intranet
applications failed at that point. However, this problem only affects clients
with Netscape 4.x or IE - Netscape 6 users do not appear to see the problem.
Following a serial of network packet traces, the error has been narrowed down
to the newer proxy server failing to pass through all the Set-Cookie fields
returned from the server. Attached are the traces of the request and response
between client and proxy, and between proxy and destination web server:
---------------
Client to proxy server POST request:
POST http://www1.uk.radan.com:8080/helpdesk/index.htm HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-
powerpoint, application/vnd.ms-excel, application/msword, */*
Referer: http://www1.uk.radan.com:8080/helpdesk/login.htm?
target_sfr=&target_cust=&target_cust_contract_stat=&PHPSESSID=5d1a8cfdcf0dbc4fbe
875b6e7b0528cf
Accept-Language: en-gb
Content-Type: application/x-www-form-urlencoded
Proxy-Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Hotbar 3.0)
Host: www1.uk.radan.com:8080
Content-Length: 51
Pragma: no-cache
Cookie: PHPSESSID=5d1a8cfdcf0dbc4fbe875b6e7b0528cf
UserName=test&Password=test&B1=Login&action=login
---------------
Proxy server to Web server POST request:
POST /helpdesk/index.htm HTTP/1.1
Host: www1.uk.radan.com:8080
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-
powerpoint, application/vnd.ms-excel, application/msword, */*
Accept-Language: en-gb
Content-Length: 51
Content-Type: application/x-www-form-urlencoded
Cookie: PHPSESSID=5d1a8cfdcf0dbc4fbe875b6e7b0528cf
Pragma: no-cache
Referer: http://www1.uk.radan.com:8080/helpdesk/login.htm?
target_sfr=&target_cust=&target_cust_contract_stat=&PHPSESSID=5d1a8cfdcf0dbc4fbe
875b6e7b0528cf
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Hotbar 3.0)
Via: 1.0 radtrans.uk.radan.com:8088
X-Forwarded-For: 172.16.2.4
Connection: close
UserName=test&Password=test&B1=Login&action=login
---------------
Web server response back to proxy:
HTTP/1.1 200 OK
Date: Tue, 09 Apr 2002 13:44:45 GMT
Server: Apache/1.3.22 (Win32) PHP/4.0.6
X-Powered-By: PHP/4.0.6
Set-Cookie: sid=3782; path=/
Set-Cookie: vk=9f59f63d439c751a995b1bc37691be38; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
ee2
<html>
<head>.......
---------------
Proxy server response back to client:
HTTP/1.1 200 OK
Date: Tue, 09 Apr 2002 13:41:24 GMT
Server: Apache/1.3.22 (Win32) PHP/4.0.6
Content-Type: text/html
Set-Cookie: vk=9f59f63d439c751a995b1bc37691be38; path=/
Transfer-Encoding: chunked
Via: 1.1 radtrans.uk.radan.com:8088
X-Powered-By: PHP/4.0.6
X-Cache: MISS from radtrans.uk.radan.com
Connection: close
ee2
<html>
<head>......
---------------
Note that in the proxy-client response there is no entry for the
Set-Cookie: sid=3782; path=/
entry.
This works fine with 1.3.19, but fails with both 1.3.23 and 1.3.24 servers.
httpd.conf file for proxy section is identical between all three versions of
server. All three versions have been taking straight from source and compiled
with no extra modules on Solaris 7, running on Solaris 7 server. Destination
web server is apache 1.3.22 with PHP4.0.6 unchanged between all three proxy
server versions.